EIP-2026-111181
PRE-CVEPHPOutsourcing Zorum 3.x - Remote File Inclusion Command Execution
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-111181. PoCs published by MGhz.
AI-analyzed exploit summary The exploit demonstrates a remote file inclusion (RFI) vulnerability in Zorum by manipulating the 'gorumDir' parameter in include.php to load arbitrary PHP scripts from an external server. This allows remote command execution on the vulnerable host.
Description
PHPOutsourcing Zorum 3.x - Remote File Inclusion Command Execution
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by MGhz · textwebappsphp
https://www.exploit-db.com/exploits/22195
The exploit demonstrates a remote file inclusion (RFI) vulnerability in Zorum by manipulating the 'gorumDir' parameter in include.php to load arbitrary PHP scripts from an external server. This allows remote command execution on the vulnerable host.
Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target:
Zorum (version unspecified)
No auth needed
Prerequisites:
Target server running Zorum with vulnerable include.php · Remote server hosting malicious PHP script
devstral-2 · analyzed Feb 18, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026